Training
Featured CourseView All Courses
Get a free hour of SANS training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
Cloud Security Training, Courses, and Resources
Can't find what you are looking for?

Let us help.

Contact us
Community Resources

SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

AI Risk & Readiness

Explore expert-driven guidance, training, and tools to help defend against AI-powered threats and adopt AI securely.

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations

Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk With an Expert
Talk With an Expert

SANS Cyber Safari 2025

  • Sat, Oct 4 - Thu, Oct 23, 2025
  • 13 Courses
  • 3 Tournaments
  • English
Hyatt Regency Riyadh Olaya & Virtual (AST)
Olaya St, Al Olaya, Riyadh 12213
Riyadh, SA
Jump to:

Hands-On Cyber Security Training in Riyadh

Unlock the full potential of your career with cyber security training at SANS Cyber Safari 2025. Guided by world-renowned instructors at the forefront of the field, this event provides exclusive access to live industry experts, ensuring you stay ahead of the curve.

Immerse yourself in a learning environment that features industry-leading hands-on labs, simulations, and exercises, all geared towards practical application in your professional endeavors. Seize the opportunity to hone your skills during bonus sessions and activities, backed by SANS unwavering commitment to excellence and expertise.

Event Features

  • Practical Cyber Security Training: Delivered by real-world practitioners providing actionable insights.
  • Real-time Support: Receive immediate assistance from certified teacher assistants throughout your course.
  • Immersive Labs in a Virtual Environment: Hands-on practice to sharpen your skills in a secure setting.
  • Thought Leadership Talks & Workshops: all centered around training topics.
  • Comprehensive Courseware: Course materials provided in electronic and printed formats.
  • GIAC Certification: Most courses align with the highest standard in cybersecurity certification.
  • CPE Credits: Earn Continuing Professional Education credits towards a certification.

Whether you're a seasoned professional or new to the field, SANS Cyber Safari 2025 equips you with the skills and knowledge needed to navigate the ever-evolving threat landscape.

Please note, courses are available In-Person in Riyadh, SA and Live Online during this event. Register now to secure your spot.

Event Video

Students Say

  • Slide 1 of 4
    Kudos to the event team and backstage heroes for ensuring that we have fun and comfortable learning experience. The hotel, food and environment, everything is beyond expectations. Would love to come back and attend more trainings with SANS Gulf Region.
    Shubham JainSANS Gulf Region
  • Slide 2 of 4
    The instructor was excellent, making complex topics easy to understand. Their engaging teaching style and commitment to student understanding greatly enhanced my learning experience.
    Mazen Nawar Al-NufaieSANS Riyadh December
  • Slide 3 of 4
    Great delivery from the instructor. He was able to explain and provide real life cases to enhance understanding.
    StudentSANS Gulf Region
  • Slide 4 of 4
    The best training experience I have had in my 20 years of professional life.
    Dimitrios SarrisSANS Gulf Region
Slide 1 of 0
Early Bird Offer

Save $500 USD using the code "EarlyBirdEMEA-USD" and pay for any 4-6 day course (excluding Beta Courses) by September 3, 2025.

Courses

Looking for Group Purchasing? Contact Sales

GIAC Certification Exam Attempt

2 Free practice tests when you add a certification exam attempt to your course. Available for select courses below.

OnDemand Access

Add 4 months of OnDemand access to your course purchase. Only available for courses with an OnDemand option.

Showing 9 of 13
Filter by:

SEC401: Security Essentials - Network, Endpoint, and Cloud

Essentials
SEC401Cyber Defense
SEC401: Security Essentials - Network, Endpoint, and Cloud
  • Starts 4 Oct 2025 at 8:30 AM AST
  • $8,900 USD (Course)
  • $999 USD (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-PersonVirtual

SEC504: Hacker Tools, Techniques, and Incident Handling

Essentials
SEC504Offensive Operations
SEC504: Hacker Tools, Techniques, and Incident Handling
  • Starts 4 Oct 2025 at 8:30 AM AST
  • $8,900 USD (Course)
  • $999 USD (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-PersonVirtual

SEC542: Web App Penetration Testing and Ethical Hacking

Intermediate
SEC542Offensive Operations
SEC542: Web App Penetration Testing and Ethical Hacking
  • Starts 4 Oct 2025 at 8:30 AM AST
  • $8,900 USD (Course)
  • $999 USD (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-PersonVirtual

SEC566: Implementing and Auditing CIS Controls

Intermediate
SEC566Cybersecurity Leadership
LDR553: Cyber Incident Management
  • GIAC Critical Controls Certification
  • 5 Days
  • 30 CPEs
  • Brian Ventura
  • Starts 12 Oct 2025 at 8:30 AM AST
  • $7,765 USD (Course)
  • $999 USD (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:Join In-Person WaitlistVirtual

SEC511: Cybersecurity Engineering: Advanced Threat Detection and Monitoring

Intermediate
SEC511Cyber Defense
SEC511: Continuous Monitoring and Security Operations
  • GIAC Continuous Monitoring Certification
  • 6 Days
  • 46 CPEs
  • Tim Garcia
  • Starts 11 Oct 2025 at 8:30 AM AST
  • $8,900 USD (Course)
  • $999 USD (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-PersonVirtual

FOR578: Cyber Threat Intelligence

Intermediate
FOR578Digital Forensics and Incident Response
FOR578: Cyber Threat Intelligence
  • Starts 11 Oct 2025 at 8:30 AM AST
  • $8,900 USD (Course)
  • $999 USD (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-PersonVirtual

SEC530: Defensible Security Architecture and Engineering: Implementing Zero Trust for the Hybrid Enterprise

Intermediate
SEC530Cyber Defense
SEC530: Defensible Security Architecture and Engineering: Implementing Zero Trust for the Hybrid Enterprise
  • GIAC Defensible Security Architecture
  • 6 Days
  • 36 CPEs
  • Greg Scheidel
  • Starts 4 Oct 2025 at 8:30 AM AST
  • $8,900 USD (Course)
  • $999 USD (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-PersonVirtual

SEC450: SOC Analyst Training – Applied Skills for Cyber Defense Operations

Major UpdatesIntermediate
SEC450Cyber Defense
SEC450: Blue Team Fundamentals: Security Operations and Analysis
  • Starts 18 Oct 2025 at 8:30 AM AST
  • $8,900 USD (Course)
  • $999 USD (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-PersonVirtual

FOR509: Enterprise Cloud Forensics and Incident Response

Major UpdatesIntermediate
FOR509Digital Forensics and Incident Response
FOR509: Enterprise Cloud Forensics and Incident Response
  • GIAC Cloud Forensics Responder
  • 6 Days
  • 36 CPEs
  • David Szili
  • Starts 11 Oct 2025 at 8:30 AM AST
  • $8,900 USD (Course)
  • $999 USD (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-PersonVirtual

Schedule

Course Training

Daily required course training hours throughout the week.

Bonus Session

Engage in extra learning and activities during SANS events.

NetWars Tournaments

Hands-on competitions to test and sharpen your cybersecurity skills.

Showing 1 of 9
Filter by:

Information Security and LLMs

Large Language Models (LLMs) such as ChatGPT, Claude, and Grok have become very powerful. This talk is full of live demonstrations of the kinds of things information security professionals can do with the LLMs. Examples include analyzing and manipulating shell code, writing exfiltration code, analyzing logs, and more.

05:30PM - 06:30PM AST

Presented by

Timothy McKenzie

Principal Instructor

Timothy McKenzie
In-Person & Virtual
Register

Tournament: Cyber Defense NetWars

Registration: All students who register for a 4–6 day course will be eligible to play NetWars for free. Registration for this event will be through your SANS Account Dashboard the week of the event.

About Cyber Defense NetWars: Focused on preventing, analyzing, and defending against complex real-world attack scenarios, including brute-force attacks and ransomware campaigns.

06:30PM - 09:30PM AST
In-Person & Virtual

Tournament: Cyber Defense NetWars

Registration: All students who register for a 4–6 day course will be eligible to play NetWars for free. Registration for this event will be through your SANS Account Dashboard the week of the event.

About Cyber Defense NetWars: Focused on preventing, analyzing, and defending against complex real-world attack scenarios, including brute-force attacks and ransomware campaigns.

06:30PM - 09:30PM AST
In-Person & Virtual

From Intel to Action: Building a High-Speed Early Warning System with MISP and AI

Actionable intelligence is only as good as your ability to share it — quickly, reliably, and with the right context. In this talk, we’ll explore how MISP can be used not just as a threat intel repository, but as a powerful engine for real-time collaboration and operational impact. We’ll cover how to make MISP highly available, build and sustain a community around it, and create qualitative events that provide the necessary context for detection, decision-making, and response. You’ll also see how we’re integrating AI into our workflows to improve speed, reduce manual effort, and enrich intelligence automatically — without sacrificing quality. Whether you’re just getting started with MISP or looking to take your threat sharing to the next level, this talk will give you concrete ideas to make it work in high-pressure, real-world environments.

05:30PM - 06:30PM AST

Presented by

Kevin Holvoet

Certified Instructor

Kevin Holvoet
In-Person & Virtual
Register

Tournament: DFIR NetWars

Registration: All students who register for a 4–6 day course will be eligible to play NetWars for free. Registration for this event will be through your SANS Account Dashboard the week of the event.

About DFIR NetWars: Focused on digital forensics, incident response, threat hunting, and malware analysis, this tool-agnostic approach covers everything from low-level artifacts to high-level behavioral observations.

06:30PM - 09:30PM AST
In-Person & Virtual

Tournament: DFIR NetWars

Registration: All students who register for a 4–6 day course will be eligible to play NetWars for free. Registration for this event will be through your SANS Account Dashboard the week of the event.

About DFIR NetWars: Focused on digital forensics, incident response, threat hunting, and malware analysis, this tool-agnostic approach covers everything from low-level artifacts to high-level behavioral observations.

06:30PM - 09:30PM AST
In-Person & Virtual

Save Time with Modern Search Techniques

In Digital Forensics, Incident Response, and other Cyber Security topics, we're frequently tasked with consuming HUGE amounts of data and finding the "interesting" parts quickly. We've had great tools to do this for decades. But, those tools we're optimized for old computing hardware. In our modern day we have setups with multiple CPU cores and flash storage. This talk will present some techniques to speed up those old techniques fully utilizing modern hardware.

05:30PM - 06:30PM AST

Presented by

Mark Jeanmougin

Certified Instructor

Mark Jeanmougin
In-Person & Virtual
Register

Tournament: Core NetWars

Registration: All students who register for a 4–6 day course will be eligible to play NetWars for free. Registration for this event will be through your SANS Account Dashboard the week of the event.

About Core NetWars: The most comprehensive of the NetWars ranges, this ultimate multi-disciplinary cyber range powers up the most diverse cyber skills. This range is ideal for advancing your cybersecurity prowess in today's dynamic threat landscape. The winning team and the top five solo players from every Core NetWars tournament throughout the year are offered a chance to compete in the annual SANS Core NetWars Tournament of Champions.

06:30PM - 09:30PM AST
In-Person & Virtual

Tournament: Core NetWars

Registration: All students who register for a 4–6 day course will be eligible to play NetWars for free. Registration for this event will be through your SANS Account Dashboard the week of the event.

About Core NetWars: The most comprehensive of the NetWars ranges, this ultimate multi-disciplinary cyber range powers up the most diverse cyber skills. This range is ideal for advancing your cybersecurity prowess in today's dynamic threat landscape. The winning team and the top five solo players from every Core NetWars tournament throughout the year are offered a chance to compete in the annual SANS Core NetWars Tournament of Champions.

06:30PM - 09:30PM AST
In-Person & Virtual

Riyadh, Saudi Arabia

Hyatt Regency Riyadh Olaya

Riyadh, the capital of Saudi Arabia, is a city where modernity meets tradition. Its rich culture and heritage are showcased at iconic sites like Diriyah, the birthplace of the kingdom, and the historic Masmak Fortress. Savor traditional Saudi dishes such as kabsa, mandi, and sweet dates.Visitors can explore the architectural marvels of the Kingdom Centre, the grandeur of Al Murabba Palace, and the stunning natural beauty of the Edge of the World, making Riyadh a destination of cultural and scenic wonder.

View Hotel
Riyadh

3 Reasons To Stay At The Event Venue

  • Ultimate Convenience

    Eliminate the hassle of daily commutes and wasted travel time. You’ll have everything you need—from your training to dining and amenities - all in one centralized, convenient location.

  • Seamless Networking Opportunities

    Stay where the action is! Maximize your chances to connect with fellow cybersecurity professionals and industry leaders - from impromptu conversations in the lobby to exclusive after-hours events.

  • All Day, All Event Access

    SANS live training events include bonus sessions exclusively at the venue. Staying on-site ensures you won’t miss these opportunities to grow your network and engage with peers beyond the conference agenda.

2 People Looking at Laptop

Location Information

Directions

In the heart of Downtown Riyadh, Hyatt Regency Riyadh Olaya offers a prime location steps from the financial district, with easy access to Olaya Towers, KAFD, and Riyadh International Convention & Exhibition Center. Surrounded by high-end shopping and the vibrant Tahlia Street, it’s an ideal destination for business and leisure. Valet and self-parking is available at the hotel.

View On Google Maps